r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8249
Expires: Tue, 22 Nov 2022 05:53:30 GMT
Date: Tue, 22 Nov 2022 03:36:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4843de3bf95411e6aa89834def44bb86
1f1882351ac63fba73a22014382f69df5e02ec96
1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3819
Cache-Control: max-age=115135
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 03:36:01 GMT
Etag: "637b5375-1d7"
Expires: Wed, 23 Nov 2022 11:34:56 GMT
Last-Modified: Mon, 21 Nov 2022 10:31:17 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4222
Expires: Tue, 22 Nov 2022 04:46:23 GMT
Date: Tue, 22 Nov 2022 03:36:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 03:09:18 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1603
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MHPp8xaaGIdci76DOSK9zxnSDDvi19nZATgz4FNLHQZgyq5AsUQRXe1hCQwV7tR7sDh7NxVKS+NgrBMnWhSnSw==
x-amz-request-id: B2GV2SFQZNAWRXGZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 02:39:23 GMT
age: 3398
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 03:36:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 03:08:53 GMT
cache-control: public,max-age=3600
age: 1628
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2db0ebb9efcf3be3c92f23b61de5c065
dd830565723f18a7944c26d24b0fb142d06a71a5
8615316184c4d1d64db923a5364363bbb3d25e146a042c5fbd5bf0cfcec8effb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6090
Cache-Control: max-age=112342
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 03:36:02 GMT
Etag: "637b3fae-1d7"
Expires: Wed, 23 Nov 2022 10:48:24 GMT
Last-Modified: Mon, 21 Nov 2022 09:06:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.183.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Bs+tO3HJS/DHn5Jx8PBRSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g8c4kD/Y0duZ1k+X0uIzwxiy45M=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5196
Expires: Tue, 22 Nov 2022 05:02:39 GMT
Date: Tue, 22 Nov 2022 03:36:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5196
Expires: Tue, 22 Nov 2022 05:02:39 GMT
Date: Tue, 22 Nov 2022 03:36:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5196
Expires: Tue, 22 Nov 2022 05:02:39 GMT
Date: Tue, 22 Nov 2022 03:36:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5196
Expires: Tue, 22 Nov 2022 05:02:39 GMT
Date: Tue, 22 Nov 2022 03:36:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b591bcc9d645eed0ea6ebc5dae07d31
97278cc5c5a1be7926d53fd8daf9e802bfb6cbdb
82dde9a4d139bdfae1d8859f4d7a77f92182c65ad630e25d0cc52f346dd1dfad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ba2cc1-6e28-45a2-bc78-97012bdeedb2.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11793
x-amzn-requestid: 7edbd95e-83c8-4162-886f-b0bf88deee5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oFrQIAMFnYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-4f1317ec61500d713816830d;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hd2a0sbw7fzVnkVpCOEAnu_W-Z0EajArOracSTImr6jbhOFwKbDKpw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:44:56 GMT
age: 21067
etag: "97278cc5c5a1be7926d53fd8daf9e802bfb6cbdb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b919084-f564-465a-ac1a-59e00596bb76.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b919084-f564-465a-ac1a-59e00596bb76.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10f54d1625147d074c29bdff1897ef8f
d1359b0dcf6974d685b5c55c5789810863cce7cd
6431d25310697b4455f3e9487a11415f082d05e02d33b29cad3c8862ece28322
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b919084-f564-465a-ac1a-59e00596bb76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8405
x-amzn-requestid: b93c951e-7aa0-468d-92b9-4079f7bfc9ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jFbGoWIAMFZ7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787eef-14f7c7985f46ffde1b7e3ed6;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 06:59:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3KHsHTHxpi4ia2Ka-uq0s5c543qAWVq_ZqHk4atSRMS95BaNeLMmhA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:47:12 GMT
age: 20931
etag: "d1359b0dcf6974d685b5c55c5789810863cce7cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ab62c5a7c3296600de924eb0b283bc1
bc4a2dc43898e3fb78ba7301d8b09b280991d221
f2a4c0829a4fb9a585113ed358832d16470ec391035a302a8f3c4666172f02bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10556
x-amzn-requestid: d2426c6d-5e78-496c-8649-0496a872b380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-Iq0GPVoAMF9bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee45-1ee6dc09394731cc4dbfc38a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eHLf2DFK-3yN5dEG22XItPxRzmODRdThIYJI2oZqDJpgTGQGSQnGzQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:46:07 GMT
age: 20996
etag: "bc4a2dc43898e3fb78ba7301d8b09b280991d221"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iGM_HV13dzz5eOswbOJfjj14jlFW4jy2YsW7eJumS_TM5TxxG8VMwQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 03:49:10 GMT
age: 85613
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ba1792-f86a-406e-8e1c-f133f0fb8d73.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ba1792-f86a-406e-8e1c-f133f0fb8d73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253593d1b3f90aa54d0748688fbb09ac
470c54ca28e1e5c56828c8c7f9849374061f501e
d8d331519f526b1117e4f67b0fb5fb46f400a63d1cb5757a3f22201ea70301ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ba1792-f86a-406e-8e1c-f133f0fb8d73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9598
x-amzn-requestid: a713ce94-2441-4288-b6d8-cd6b638274b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IqVGgJoAMFz5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee41-5ed8e45c664203e137f8c92b;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mDiJvNjoSqIbYd2Mx4Kv5muJ-g-hehPMyWAjnZuhidG7uEtjdTtTGA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:36:15 GMT
etag: "470c54ca28e1e5c56828c8c7f9849374061f501e"
content-type: image/jpeg
age: 17988
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed6b76d15fc8d6295acdb6fb47461d3
b8c928f93a8d82b48491448d811a95ad99dc6aef
de326836a9de677438b9ae724198e94348b0900c62817ff10de3677ce93fdae0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8685
x-amzn-requestid: 66455cc7-83d7-4570-99f9-5fa838da947f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrAHwKoAMFUHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee46-354d65e9609bc05647556a5a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -9tZPsMl7i5hr0N1rwJdQBLiOImuEO12RDL0pcPNjf6t-LkRbPaN2A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:02:46 GMT
etag: "b8c928f93a8d82b48491448d811a95ad99dc6aef"
content-type: image/jpeg
age: 19997
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
198.52.107.223200 OK 3.8 kB URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
IP 198.52.107.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7526)
Hash d0768f4bc76e2627f37565fc3ca4c3ab
5e9b69ba42fb910fa610394a1c784dd7405444ca
bbea0a83e9430439ad57630f5f910227d69402758258c19499fb2b6197936616
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/ HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 3808
Connection: keep-alive
Keep-Alive: timeout=60
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/bower_components/ua-parser-js/dist/ua-parser.min.js
198.52.107.223200 OK 6.1 kB URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/bower_components/ua-parser-js/dist/ua-parser.min.js
IP 198.52.107.223:0
File type Unicode text, UTF-8 text, with very long lines (16817)
Hash 2fbe7e9f8ffc6f6d84ba25e3dfe70c88
cb1fbd62f76deadf6f9525793b13bda9fafe7f78
6e326f1c2eb0d89902a18a5ff1f4a2ee07c10b87dc0db6e945a3add3aa84b111
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /dhl-supply-chain/bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Oct 2017 21:16:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"59dfdba8-4298"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/bower_components/font-awesome/css/font-awesome.min.css
198.52.107.223200 OK 6.9 kB URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/bower_components/font-awesome/css/font-awesome.min.css
IP 198.52.107.223:0
File type ASCII text, with very long lines (30837)
Hash a77d4f5c736eac3ad8f11c9e855a6b11
d4f79ce178790388158deaeb29eb2bb434767462
645dd1711d78718b065348056f4d47f0c81b9cac8a14eb4230b3a901b97717ea
Analyzer Verdict Alert quad9 Sinkholed
GET /dhl-supply-chain/bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: text/css
Last-Modified: Sun, 09 Apr 2017 17:29:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"58ea6f74-7918"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/core/token/core_token.js
198.52.107.223200 OK 1.4 kB URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/core/token/core_token.js
IP 198.52.107.223:0
Hash 654d0dcef9f24fe8bff7dc4cd1fb53a6
0c811c8686e41d88040a5453afe713bdfe71ab7c
1f93a2a23980e8d0a47a49b5ff86fe45149bf7906084a75aa10eb27471445d69
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /dhl-supply-chain/core/token/core_token.js HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: application/javascript
Last-Modified: Sun, 14 Jun 2020 03:05:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5ee59406-243d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/core/form/core_form.js
198.52.107.223200 OK 4.6 kB URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/core/form/core_form.js
IP 198.52.107.223:0
Hash 6752307971ba1d1100f7c8551f974079
6d0835b4df959bad1f29e07eaf26b4bae1add71f
47770186de45f683716580acc4669430066adb237fb976a7ed0fdcc9187eb095
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /dhl-supply-chain/core/form/core_form.js HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 May 2020 19:22:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5ec82692-49b2"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/bower_components/jquery/dist/jquery.min.js
198.52.107.223200 OK 30 kB URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/bower_components/jquery/dist/jquery.min.js
IP 198.52.107.223:0
File type ASCII text, with very long lines (32058)
Hash 7905271066c200fb34fa0009cde90880
2a23e0015c33afbf7aebfded41c34769067cce2a
fc1d58b2073ab18ca818b533feb200ae669596b87b2c7f77a45b5afb2cda6db4
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /dhl-supply-chain/bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: application/javascript
Last-Modified: Mon, 05 Jun 2017 16:55:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"59358cea-15283"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js
198.52.107.223200 OK 3.2 kB URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js
IP 198.52.107.223:0
Hash 79ed1bfacf715588344cd45668f8c93f
f8095f1dfbb712ebef399cfd4f34935742f6e704
1fbd7c0a93bf87145a2c3517c00aa504701bddf30b0651ff5befb7a1e2d3344f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /dhl-supply-chain/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: application/javascript
Last-Modified: Sat, 18 Nov 2017 02:03:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5a0f94f8-4001"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/form/css.css
198.52.107.223200 OK 0 B URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/form/css.css
IP 198.52.107.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dhl-supply-chain/start/form/css.css HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: text/css
Content-Length: 0
Last-Modified: Sun, 22 Sep 2019 22:13:18 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5d87f1fe-0"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/form/form.js?v=637c43a61f9c1
198.52.107.223200 OK 693 B URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/form/form.js?v=637c43a61f9c1
IP 198.52.107.223:0
Hash 4aab05a5feddf5cf7ad366549343e086
9ac17870b833025dc7b395b7077737e9981198b6
6cc9091afa6feb3b03d314cf5a4942731f036baa46a1ad436464ed9daff69709
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /dhl-supply-chain/start/form/form.js?v=637c43a61f9c1 HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 May 2020 02:56:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5ec73f72-9be"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/token/token.js?v=637c43a61f9c5
198.52.107.223200 OK 529 B URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/token/token.js?v=637c43a61f9c5
IP 198.52.107.223:0
Hash e0ab783c8202c9c64411f26bd6b92d51
b4cb0e5944d11685f3705a59f9ec03cf87cf31b7
4c86824152f2847ddfe75a271590ee393d125a9184380099ab8f1be4ef0cd235
Analyzer Verdict Alert quad9 Sinkholed
GET /dhl-supply-chain/start/token/token.js?v=637c43a61f9c5 HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 May 2020 02:55:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5ec73f14-518"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/ng/ng.js?v=637c43a61f9c6
198.52.107.223200 OK 1.4 kB URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/ng/ng.js?v=637c43a61f9c6
IP 198.52.107.223:0
Hash aadd06fa5cc599d0a1878fb65c3aa97d
c406e321d2bd127d37a4426478651f2c16ed07c6
ee4faa4c294084aad701ec3066a18494819a0a023ac7274dc6d4936f6911dc8e
Analyzer Verdict Alert quad9 Sinkholed
GET /dhl-supply-chain/start/ng/ng.js?v=637c43a61f9c6 HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: application/javascript
Last-Modified: Mon, 15 Jun 2020 06:41:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5ee7180a-15d8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/core/form/core_form.css
198.52.107.223200 OK 934 B URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/core/form/core_form.css
IP 198.52.107.223:0
Hash 74d6eccb799aef288bf6fe97089571f2
8c008ec4fc31e138e6e8abd970dfc3afccafcbd8
7753aff01ba5fa37e884d3553ab07b358a0ca8d9de8e8e68d2358951d9f33985
Analyzer Verdict Alert quad9 Sinkholed
GET /dhl-supply-chain/core/form/core_form.css HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: text/css
Last-Modified: Sat, 23 May 2020 07:38:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5ec8d30a-11f9"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/style.css
198.52.107.223200 OK 24 kB URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/style.css
IP 198.52.107.223:0
File type ASCII text, with very long lines (724)
Hash a11ea6207811fb174a89c01450fd035f
62e33593bb9e2fc385c5c8c30c431dc10988b48c
14291b0270af3e8f5dcfe5550bae3b876e9303bf245b5922ebdcb4f37158ee20
Analyzer Verdict Alert quad9 Sinkholed
GET /dhl-supply-chain/start/style.css HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: text/css
Last-Modified: Thu, 21 May 2020 21:36:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5ec6f46a-2d42e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/bower_components/angular/angular.min.js
198.52.107.223200 OK 59 kB URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/bower_components/angular/angular.min.js
IP 198.52.107.223:0
File type ASCII text, with very long lines (552)
Hash 07d8a16782c4a2ca8b948cc8ad8616ee
13a241e45d0e174d665932d9f5dca3903f5e7857
869d63fec15a1a2005a8fea172631f41abab89b535944ce1d350e2a3ad3e3857
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /dhl-supply-chain/bower_components/angular/angular.min.js HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:06 GMT
Content-Type: application/javascript
Last-Modified: Sat, 19 Aug 2017 03:37:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5997b278-2937c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/ta3.svg
198.52.107.223200 OK 1.0 kB URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/ta3.svg
IP 198.52.107.223:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1665)
Hash 7970212148d3199b05da2f2a7c2b06d3
8fd780d81ae832ab4c1ab80bd05146310a935c4a
3252e0b33a0002fb409908a6121285579864728ddd9345a62aebcd4caa452683
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /dhl-supply-chain/start/ta3.svg HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:07 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 18 May 2020 18:12:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5ec2d016-77d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/lg.svg
198.52.107.223200 OK 729 B URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/lg.svg
IP 198.52.107.223:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (2040), with no line terminators
Hash 2185cb2e01e79fa306629c3d10467aa2
67f7c2c367de40d44767e77a05e6f92f1e416c9d
d653f68a6e57cb5b7b4f8f96ae7aeb2e833e498c47cf85c9543cf8c59fab966e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /dhl-supply-chain/start/lg.svg HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:07 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 18 May 2020 18:12:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"5ec2d016-7f8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/pak.png
198.52.107.223200 OK 878 B URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/pak.png
IP 198.52.107.223:0
File type PNG image data, 57 x 58, 8-bit/color RGB, non-interlaced\012- data
Hash 997a3db672059033a232bcc726aed047
8f67ab4067299aa29920295baa38417160a6d524
4057023fcfa4360934b1a1409a74a40ffbc2bb7dacd2bcc6f69d66a9673f09e8
Analyzer Verdict Alert quad9 Sinkholed
GET /dhl-supply-chain/start/pak.png HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:07 GMT
Content-Type: image/png
Content-Length: 878
Last-Modified: Mon, 18 May 2020 18:12:38 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5ec2d016-36e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/pub.jpg
198.52.107.223200 OK 82 kB URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/start/pub.jpg
IP 198.52.107.223:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1024x150, components 3\012- data
Hash 5000355f5ce08e172610325f3f5ac5bc
381442803d0a67fa45def5d89d3ff49000e4a28d
fd6d79b881550d2aced201e506cbd7dfacafc19c16db81a655ad06f2835819c5
Analyzer Verdict Alert quad9 Sinkholed
GET /dhl-supply-chain/start/pub.jpg HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:07 GMT
Content-Type: image/jpeg
Content-Length: 82133
Last-Modified: Mon, 18 May 2020 18:12:38 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5ec2d016-140d5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/home.php?pl=token&link=dhl&bid=6d05459499d417aea7e5c0ce9533d64f&callback=jQuery32105086403489627904_1669088166607&data=%7B%22mes%22%3A%22User%20on%20start%20page%22%7D&_=1669088166608
198.52.107.223200 OK 75 B URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/home.php?pl=token&link=dhl&bid=6d05459499d417aea7e5c0ce9533d64f&callback=jQuery32105086403489627904_1669088166607&data=%7B%22mes%22%3A%22User%20on%20start%20page%22%7D&_=1669088166608
IP 198.52.107.223:0
File type ASCII text, with no line terminators
Hash d416db4beb826872535f8c001121b7ef
a93b93bb621d6fe7ab2e22f3a304fe7038da3ae2
d574fb3415f9d3bb0e89b929db237da8e633ea012761e07224fb2b4a183f1f17
Analyzer Verdict Alert quad9 Sinkholed
GET /dhl-supply-chain/home.php?pl=token&link=dhl&bid=6d05459499d417aea7e5c0ce9533d64f&callback=jQuery32105086403489627904_1669088166607&data=%7B%22mes%22%3A%22User%20on%20start%20page%22%7D&_=1669088166608 HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
Cookie: lng=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:07 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/home.php?pl=token&link=dhl&bid=6d05459499d417aea7e5c0ce9533d64f&callback=jQuery32105086403489627904_1669088166605&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1669088166606
198.52.107.223200 OK 75 B URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/home.php?pl=token&link=dhl&bid=6d05459499d417aea7e5c0ce9533d64f&callback=jQuery32105086403489627904_1669088166605&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1669088166606
IP 198.52.107.223:0
File type ASCII text, with no line terminators
Hash 5ac75b42ca0ede3049e2d5f277930002
136676852a680dcb3aafcc6f0c0dbbed2c3325f4
ad973e46bdcb488efa88bb0eeeaedfde9a7bcf08401e8299ade9be8cd45f18a6
Analyzer Verdict Alert quad9 Sinkholed
GET /dhl-supply-chain/home.php?pl=token&link=dhl&bid=6d05459499d417aea7e5c0ce9533d64f&callback=jQuery32105086403489627904_1669088166605&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1669088166606 HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
Cookie: lng=en
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 03:36:07 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Content-Encoding: gzip
dhl-expressdhl-global-forwarding.misecure.com/favicon.ico
198.52.107.223404 Not Found 741 B URL HTTP/1.1 dhl-expressdhl-global-forwarding.misecure.com/favicon.ico
IP 198.52.107.223:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a20b7a22c48fb193d4e11d80778431aa
69683819a627a3f430c5f8b62fcaa67efb5fe8c1
b15b6b4732583f678c2f7c1a3351a5da6920353d2aa81da9b622940a06120cb5
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: dhl-expressdhl-global-forwarding.misecure.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhl-expressdhl-global-forwarding.misecure.com/dhl-supply-chain/a1b2c3/6d05459499d417aea7e5c0ce9533d64f/start/
Cookie: lng=en
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 22 Nov 2022 03:36:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"6379f4c9-5e6"
Content-Encoding: gzip